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DETAILED ACTION 

1. Amendment received on 02/13/2006 has been entered. Claim 1 is amended. Claims 1-10 
are still pending. 

2. The specification and claims were amended after ISR was issued. The amended 
specification and claims were examined. There was no new matter introduced. The amended 
specification and claims were accepted. 

Priority 

3. This application is a 371 of PCT/FI00/00075 filed on 02/02/2000 with a priority 
FINLAND # 990265 on 02/10/1999. The filing date is 01/29/2002. 

Claim objections 

4. Claim 1 is objected to because of the following informalities: 

a. Claim 1 has listed item e, i.e. "e)", twice, the second item e should be re-labeled as 
item f, i.e. "f)'\ 
Appropriate correction is required. 

Claim Rejections - 35 USC § 112, second paragraph 

5. The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

Claims 1, 6 and 8 are rejected under 35 U.S.C. 112, second paragraph as following: 

a. Claim 1 recites the limitation of . . TCP and/or port data, ..." in item b and . . d) 
optionally, and before or after step c) . . .". It makes the claim unclear if "and" or "or" 
is going to be used for the interpretation of the claim. For the purpose of applying art, 
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claim 1 is read as ". . . TCP and port data, ..." and ". . . d) optionally, and before step 
c)...". 

b. Claim 6 recites the limitation of". . .and possible other parameters". It makes the 
claim unclear if any other parameter and which other parameter is to included as the 
limitation of the claim. For the purpose of applying art, claim 6 is read without this 
cited limitation. 

c. Claim 8 recites the limitation of " . . . include address identification data and/or the 
port and or the protocol used for sending". It renders the claim not clear in the 
interpretation of searching and applying arts. For the purpose of applying art, claim 8 
is read as " ... include address identification data, the port and the protocol used for 
sending". 



Claim Rejections - 35 USC § 102 
6. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 
122(b), by another filed in the United States before the invention by the applicant for patent 
or (2) a patent granted on an application for patent by another filed in the United States 
before the invention by the applicant for patent, except that an international application filed 
under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application 
designated the United States and was published under Article 21(2) of such treaty in the 
English language. 

Claims 1-10 are rejected under 35 U.S.C. 102(e) as being anticipated by Coss et al. (US 
6098172 A), hereinafter referred as Coss. 
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a. Regarding claim 1 , Coss disclosed a method for sending a message from a first 
computer system CI that belongs to an internal network, which is protected by a 
firewall to at least one other computer system C2 through the firewall (Fig. 1, 5 A and 
5B; claim 17; column 6, line 47-61 : request a session from a source to a destination 
through a firewall), compromising: a) sending from the first computer system to the 
firewall, a request with data for a new connection to be opened between the first 
computer system CI and at least one other computer system C2 for a message to be 
sent between said computer systems CI, C2 (claim 17; column 6, line 47-61: request 
a session from a source to a destination through a firewall), b) the firewall controls 
the data for the new connection via which the message is intended to be sent and, up 
on approval of the connection by the firewall, sending from the firewall to the first 
computer system CI, transformation information about the necessary modifications to 
be made in a message that is sent via the requested connection through the firewall, so 
that the message can pass through, the necessary modification including IP, protocol, 
TCP and/or port data (claims 1 and 2, column 5, lines 42-56: using session key for a 
request connection service; column 3-6, table: IPSEC protection; column 4, line 17- 
27: special encryption service; column 5, line 57-column 6, line 46: append session 
key; column 6, line 62-column 7, line 52: check for session key; column 9, line 62- 
column 10, line 59: encrypted channel), c) the first computer system CI receiving the 
transformation information from the fire wall and applying the transformation 
information to the message to modify the message to be sent in accordance with the 
information sent from the firewall (claims 1 and 2, column 5, lines 42-56: using 
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session key for a request connection service; column 5, line 57-column 6, line 46: 
append session key; column 6, line 62 -column 7, line 52: checking for session key), 
d) optionally, and before or after step c), sending from the first computer system to 
the firewall identification data of the connection for the message to be sent between 
said computer systems C 1 , C2 so that the connection for the message can be 
identified by the firewall and the message can pass the firewall (claim 17 and 18; 
column 2, line 18-28; column 8, line 3-67), e) the firewall receiving the identification 
data related the connection for the message (column 6, line 62-column 7, line 52: 
checking for session key), and f) sending the message from the first computer system 
CI to the at least one other computer system C2 through the firewall (Fig. 5 A and 5B; 
claim 17; column 6, line 62-column 7, line 52), the firewall associating the 
identification data with the connection for the message and letting the message 
through the firewall as long as the firewall associates the identification data with the 
connection for the message (column 6, line 62-column 7, line 52: using session key 
for search). 

b. Regarding claim 2, Coss disclosed the method according to claim 1 wherein the 

message to be sent between said computer systems CI, C2 is protected in step c) after 
it has been modified, whereby step d) is necessary and the data to be sent from the 
first computer system to the firewall includes the necessary information so that the 
connection for the message can be identified by the firewall (column 4, line 17-27; 
column 3-6, table; column 6, line 62-column 7, line 52). 
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c. Regarding claim 3, Coss disclosed the method of claim 2 wherein the protection is 
made using the IP Sec system (column 3-6, table). 

d. Regarding claim 4, Coss disclosed the method according to claim 2 wherein the 
message to be sent is authenticated (column 3-6, table; column 1, line 43-49; column 
8; line 46-50). 

e. Regarding claim 5, Coss disclosed the method according to claim 2 wherein the 
message to be sent is encrypted in step c) (claim 18; column 4, line 17-27; column 3- 
6, table; column 6, line 62-column 7, line 52). 

f. Regarding claim 6, Coss disclosed the method according to claim 1 wherein the 
information message in point a) contains data of the new connection to be opened 
between the first computer system C 1 and at least one other computer system C2 in 
form of address identification data and possible other parameters (Fig. 5 A and 5B; 
column 6, line 62-column 7, line 52). 

g. Regarding claim 7, Coss disclosed the method according to claim 6 wherein the 
possible other parameters are data about the port and the protocol used for sending 
(column 3-6, table; column 5, line 57-column 6, line 46; column 9, line 62-column 
10, line 2). 

h. Regarding claim 8, Coss disclosed the method according to claim 1 wherein in step b) 
the modifications include address identification data and/or the port and or the 
protocol used for sending (column 3-6, table; column 4, line 17-27; column 9, line 
62-column 10, line 2). 
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i. Regarding claim 9, Coss disclosed the method according to claim 1 wherein the 

message is using the TCP/IP protocol (column 3-6, table; column 5 3 line 57-column 6, 
line 46). 

j. Regarding claim 10, Coss disclosed the method according to claim 1 wherein the 
message is sent via internet (claim 17; column 6, line 62-column 7, line 52). 
Coss disclosed all limitations of claims 1-10. Claims 1-10 are rejected under 35 U.S.C. 
102(e). . 
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Response to Arguments 
7. Applicant's arguments filed on 02/13/2006 have been fully considered, but they are not 
persuasive. 

a. Applicant alleged that neither Coss nor any other cited reference teaches or suggests 
the combination of the steps of: receiving transformation information from the fire 
wall and applying the transformation information to the message to modify the 
message to be sent in accordance with the information sent from the firewall and the 
firewall associating the identification data, received from the first computer, with the 
connection for the message and letting the message through the firewall as long as the 
firewall associates the identification data with the connection for the message. As the 
alleged statement is related to the newly amended claim 1 . The above rejection is 
updated to reflect the amended limitation. Coss has shown from a firewall point view 
how a connection through firewall is to be set up. Coss has shown that a firewall is 
using "session key" to record the established connection and is expected to receive 
the "session key" for further communication from the requester of connection 
establishment. It is clear that the session key must be made known to the requester for 
further communication through the firewall on the same connection. Thus Coss has 
the amended and argued limitation of claim 1 . As applicant states that claims 2-10 
depend upon claim 1, the argument and response applies to claims 2-10 as well. 
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Remarks 

8. The following pertaining arts are discovered and not used in this office action. Office 
reserves the right to use these arts in later actions. 

a. Shwed et al. (US 5835726 A) System for securing the flow of and selectively 
modifying packets in a computer network 

b. Reid et al. (US 6182226 Bl) System and method for controlling interactions between 
networks 

c. Ylonen et al. (US 6438612 Bl) Method and arrangement for secure tunneling of data 
between virtual routers 

d. R. Atkinson, NRL, RFC- 1825 "Security Architecture for the Internet Protocol", 
August 1995 

e. R. Atkinson, NRL, RFC- 1 826 "IP Authentication Header", August 1 995 

f. R. Atkinson, NRL, RFC- 1827 IP Encapsulating Security Payload (ESP)", August 
1995 
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Conclusion 

9. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy 
as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE MONTHS 
from the mailing date of this action. In the event a first reply is filed within TWO MONTHS 
of the mailing date of this final action and the advisory action is not mailed until after the end 
of the THREE-MONTH shortened statutory period, then the shortened statutory period will 
expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 
1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

10. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. Refer to the enclosed PTO-892 for details. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Peling A. Shaw whose telephone number is (571) 272-7968. The 
examiner can normally be reached on M-F 8:00 - 4:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, William C. Vaughn can be reached on (571) 272-3922. The fax phone number for 
the organization where this application or proceeding is assigned is (571) 273-8300. 

Information regarding the statu9s of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
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applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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